You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@solr.apache.org by "Mike Drob (Jira)" <ji...@apache.org> on 2021/04/12 20:15:00 UTC
[jira] [Resolved] (SOLR-15235) Distributed search with index
sharding is not working with basic authentication plugin enabled
[ https://issues.apache.org/jira/browse/SOLR-15235?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Mike Drob resolved SOLR-15235.
------------------------------
Resolution: Duplicate
> Distributed search with index sharding is not working with basic authentication plugin enabled
> ----------------------------------------------------------------------------------------------
>
> Key: SOLR-15235
> URL: https://issues.apache.org/jira/browse/SOLR-15235
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Authentication
> Affects Versions: 8.7, 8.8.1
> Environment: Arch Linux, zulu JDK 11, Solr 8.8.1
> Reporter: Samir Huremovic
> Priority: Blocker
> Labels: authentication
>
> Steps to reproduce (from https://solr.apache.org/guide/8_8/distributed-search-with-index-sharding.html)
> 1. Create two local servers and index two files as described in the docs.
> 2. Check that search is working as described in the docs.
> 3. Stop the instances.
> 4. Add {{security.json}} for both nodes with configuration for auth plugin, for example
> {{{
> "authentication":{
> "blockUnknown": true,
> "class":"solr.BasicAuthPlugin",
> "credentials":{"solr":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="},
> "realm":"My Solr users",
> "forwardCredentials": false
> }}}}
> 5. Add both nodes to the {{shardsWhitelist}} in both node's {{solr.xml}}, e.g. {{example/nodes/node1/solr.xml}}:
> {{
> <shardHandlerFactory name="shardHandlerFactory"
> class="HttpShardHandlerFactory">
> <int name="socketTimeout">${socketTimeout:600000}</int>
> <int name="connTimeout">${connTimeout:60000}</int>
> <str name="shardsWhitelist">localhost:8984,localhost:8985</str>
> </shardHandlerFactory>
> }}
> 6. Start both nodes again.
> 7. Try searching on a single node, should work: {{curl --user solr:SolrRocks "http://localhost:8984/solr/core1/select?q=*:*&wt=xml&indent=true"}}
> 8. Try distributed search on both nodes, should not work anymore: {{//localhost:8984/solr/core1/select?q=*:*&indent=true&shards=localhost:8985/solr/core1,localhost:8984/solr/core1&fl=id,name&wt=xml"}}
> Error:
> {{
> ❯ curl --user solr:SolrRocks "http://localhost:8984/solr/core1/select?q=*:*&indent=true&shards=localhost:8985/solr/core1,localhost:8984/solr/core1&fl=id,name&wt=xml"
> <?xml version="1.0" encoding="UTF-8"?>
> <response>
> <lst name="responseHeader">
> <int name="status">401</int>
> <int name="QTime">173</int>
> <lst name="params">
> <str name="q">*:*</str>
> <str name="shards">localhost:8985/solr/core1,localhost:8984/solr/core1</str>
> <str name="indent">true</str>
> <str name="fl">id,name</str>
> <str name="wt">xml</str>
> </lst>
> </lst>
> <lst name="error">
> <lst name="metadata">
> <str name="error-class">org.apache.solr.client.solrj.impl.BaseHttpSolrClient$RemoteSolrException</str>
> <str name="root-error-class">org.apache.solr.client.solrj.impl.BaseHttpSolrClient$RemoteSolrException</str>
> </lst>
> <str name="msg">Error from server at null: Expected mime type application/octet-stream but got text/html. <html>
> <head>
> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
> <title>Error 401 require authentication</title>
> </head>
> <body><h2>HTTP ERROR 401 require authentication</h2>
> <table>
> <tr><th>URI:</th><td>/solr/core1/select</td></tr>
> <tr><th>STATUS:</th><td>401</td></tr>
> <tr><th>MESSAGE:</th><td>require authentication</td></tr>
> <tr><th>SERVLET:</th><td>default</td></tr>
> </table>
> </body>
> </html>
> </str>
> <int name="code">401</int>
> </lst>
> </response>
> }}
> Please adjust the priority if needed, for us this means we cannot use Solr with basic auth enabled, which means cannot use it at all in cases where it is a requirement.
> I have linked a related issue that seems to be similar. I have applied the patch from that issue to 8.8.1 and it did not help in my case, therefore I think it is not the exact same issue.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org